Hot Downloads

×

Notice

The forum is in read only mode.
Welcome, Guest
Username: Password: Remember me
  • Page:
  • 1

TOPIC: Blocking all access to internet

Blocking all access to internet 10 years 11 months ago #22880

  • ohno
  • ohno's Avatar Topic Author
  • Offline
  • New Member
  • New Member
  • Posts: 1
  • Thank you received: 0
I'd found this useful iptables from this forum. So I changed a little bit to suit the need like this
[code:1]/sbin/iptables -F CUSTOMINPUT
/sbin/iptables -F CUSTOMFORWARD

#allow full access for specific IPs

#/sbin/iptables -A CUSTOMFORWARD -i $GREEN_DEV -s 192.168.2.3 -o $RED_DEV -j ACCEPT
#/sbin/iptables -A CUSTOMFORWARD -i $GREEN_DEV -s 192.168.2.4 -o $RED_DEV -j ACCEPT

#bar access for all other IPs
/sbin/iptables -A CUSTOMFORWARD -i $GREEN_DEV -s 0/0 -o $RED_DEV -j DROP [/code:1]when i ran the iptables by typing /etc/rc.d/rc.local, some error occured. Which is: it can't recognize "-s" argument.

So, I changed all $GREEN_DEV to eth0 and $RED_DEV to eth1. It's succesfully executed with no errors. But all other user still can access the internet i.e: still can do instant messanging, etc

Does this code can block such attempts?

Thanx in advanced

p/s: I'd thi code at the end of the rc.local file for the openvpn
[code:1]echo "Starting openvpn (if enabled)"
/usr/local/bin/openvpnctrl --start-daemon-only[/code:1]

Re: Blocking all access to internet 10 years 10 months ago #22897

  • DaLight
  • DaLight's Avatar
  • Offline
  • Honored Member
  • Honored Member
  • Posts: 1302
  • Karma: 1
  • Thank you received: 0
That's because, you've probably got a proxy server through which the users can still access the internet. You will either need to disable it (the proxy server) or apply some access control. Note that instant messaging applications will usually default to using port 80 if their regular access port is blocked.
  • Page:
  • 1
Time to create page: 0.133 seconds

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup